MD5 Hash Generator

Compute MD5 digests and HMAC-MD5 in your browser — pure JavaScript, no upload.

Not cryptographically secureMD5 is broken against collision attacks. Use for checksums, fingerprints, and legacy compatibility only. For security, use SHA-256.

Input interpretation

Input text

0 bytes of input (UTF-8).

hexlowercase — md5sum / OpenSSL default

————————————————————————————————

HEXuppercase — Windows certutil

————————————————————————————————

base64standard padded

————————————————————————————————

base64urlURL-safe, no padding

————————————————————————————————

Tip: toggle Hex bytes to hash raw byte sequences rather than UTF-8 text. Everything runs in your browser — no upload, no server round-trip.

Loading tool…

How to use MD5 Hash Generator

Paste or type any text into the Input box near the top of the page.
Watch the hex, HEX, base64, and base64url rows update live — no Run button.
Toggle "Hex bytes" if your input is raw binary expressed as hexadecimal rather than UTF-8 text.
Expand "HMAC-MD5 mode" and enter a key if you need an HMAC tag instead of a plain digest.
Click Copy on any row to place that specific encoding on the clipboard.
Use Share to copy a URL that restores your current settings on another device.

MD5 Hash Generator

An instant, privacy-first MD5 calculator that runs entirely in your browser. Paste any text (or raw hex bytes) and the tool computes the 128-bit RFC 1321 digest in four encodings — lowercase hex, uppercase hex, standard Base64, and URL-safe Base64URL — along with optional HMAC-MD5 per RFC 2104. No upload, no server, no third-party script in the hashing path.

Warning: MD5 is cryptographically broken. This tool is designed for checksums, fingerprints, and legacy compatibility. For any security-sensitive use, prefer SHA-256 or HMAC-SHA-256.

Why another MD5 generator online

Most of the "MD5 online" results on Google are one of three things. Some quietly POST your input to a backend, which is a privacy problem if the thing you are hashing is a session token, an API key, or customer data. Others rely on a hand-rolled JavaScript MD5 snippet that was ported from a 2010-era library and occasionally produces wrong output on Unicode inputs because it feeds the function UTF-16 code units instead of UTF-8 bytes. A third cluster buries the tool under popup ads and scraped "decrypter" forms that are really just rainbow-table lookups against known wordlists.

The MD5 tool on dev101.io does none of those things. The hashing code is a ~100-line inline implementation of RFC 1321 with a matching implementation of RFC 2104 HMAC construction — both covered by a dense Known-Answer test suite that includes every vector from RFC 1321 Appendix A.5 and RFC 2202. There is no third-party dependency for the hash itself, so nothing new enters the supply-chain surface of code that runs on every keystroke. Input bytes come from a TextEncoder UTF-8 pass (the only correct default for text), which means digests match md5sum, OpenSSL, Python's hashlib.md5, and Node's crypto.createHash("md5") byte-for-byte.

What the tool does

Four output encodings in parallel. Lowercase hex (the md5sum default), uppercase hex (Windows certutil -hashfile MD5 style), standard padded Base64 (OpenSSL -binary | base64), and Base64URL without padding (URL- and filename-safe). Every encoding is a view of the same 16 raw digest bytes, so they round-trip losslessly.
Text and hex input modes. The default interprets your input as UTF-8 text — the only sane default for strings that include non-ASCII characters. The Hex bytes toggle parses the textarea as raw hexadecimal so you can hash a known byte sequence directly without worrying about encoding.
HMAC-MD5 mode. An optional expanding section accepts a key (text or hex) and computes HMAC-MD5(key, message). Keys longer than 64 bytes are automatically pre-hashed per RFC 2104; empty keys produce a defined output rather than an error.
Byte-count indicator. The line under the input shows exactly how many bytes the hash function will see, which is the quickest way to diagnose the classic "my backend computes a different hash" bug — almost always a trailing-newline or CRLF-vs-LF mismatch, not an actual bug.
URL-hash share, options only. The Share button encodes your input-mode and HMAC-toggle settings into the URL fragment (#s=…). The input text and HMAC key are deliberately not serialized — a user who clicks Share on a secret value should not accidentally leak it.

When to use MD5 (and when not to)

MD5 remains the right tool for a surprising number of non-security tasks. Git-LFS pointer files use it. Docker manifest v1 image IDs were MD5. MySQL's MD5() is still baked into countless applications. The S3 ETag for a non-multipart upload is the object's MD5. Rsync uses MD5 internally for change detection. md5sum is still the de facto "quick checksum" tool on Linux. Bloom-filter and cache-sharding keys need a fast, well-distributed hash and don't care about collision resistance. For all of those, MD5 is fine — and this tool will match whatever they produce.

MD5 is emphatically wrong for anything where an adversary controls or can influence the input. Signatures, certificates, JWT, commitment schemes, deduplication of adversarial content (malware sandboxes, for example, where two samples intentionally collide), and password hashing are all off-limits. For passwords specifically, even a "secure" hash like SHA-256 is the wrong tool — use Argon2id, bcrypt, or scrypt with appropriate parameters.

HMAC-MD5 specifics

HMAC (Hash-based Message Authentication Code), defined in RFC 2104, is a construction that turns any hash function into a keyed MAC. HMAC-MD5 is HMAC instantiated with MD5, and it is notable because the HMAC structure resists the MD5 collision attacks — essentially, finding a collision in the underlying hash does not immediately let you forge a MAC tag. RFC 6151 describes the security margin in detail. Several standards (TLS 1.0 PRF, some older Kerberos modes, legacy Google authentication cookies) used HMAC-MD5 and are not considered broken in the MAC sense. That said, new designs should use HMAC-SHA-256 by default — the only reason to pick HMAC-MD5 in 2026 is interoperability with a system that already uses it.

Privacy promise

Every byte of your input stays in your browser. The hashing code runs locally, there is no analytics on input, and no third-party script is loaded in the transform path. The Share button encodes only UI settings into the URL fragment (#…), which browsers never transmit to servers by design, and it intentionally omits the input text and HMAC key so that clicking Share on a secret is still safe. If you are hashing something you would not paste into a Slack DM, this is the safest place on the web to do it.

What's not supported (yet)

File drag-and-drop. Paste the file's contents or its hex representation for now. A dedicated file-hash tool with streaming support is on the roadmap so we do not block the UI on large reads.
MD4, MD2, RIPEMD-160. Sibling hashes that sometimes show up in legacy contexts; they need their own tools with their own test-vector suites rather than piggybacking here.
HMAC over truncated output. Some older protocols truncate HMAC-MD5 to 96 bits. You can truncate the hex output manually; a dedicated toggle may come if demand shows up.

Related tools

SHA-256 Hash — the modern default. Use this for anything new.
Base64 Encode / Decode — convert the raw digest bytes between encodings, or round-trip arbitrary binary data.
Hex Encoder / Decoder — switch between bytes and hex for feeding into the Hex bytes input mode.

Frequently asked questions

Is MD5 safe to use in 2026?

MD5 is not safe for any security-sensitive purpose. Practical collision attacks have been public since 2004, and chosen-prefix collisions have been within reach of commodity hardware since 2007 (the MD5-SSL CA forgery in 2008 was the first real-world demonstration). That means an attacker can construct two different inputs that share the same MD5 digest, which breaks signatures, certificates, file integrity for adversarial settings, and anything else that depends on "no two inputs should collide." MD5 is still widely used for non-security reasons — checksumming benign files, sharding keys in a cache, deduplicating non-adversarial data, matching legacy system output — and this tool exists for those cases. For any signature, authentication, or integrity check involving untrusted input, use SHA-256 or SHA-512.

Why is MD5 not in the Web Crypto API?

The W3C WebCrypto specification deliberately excluded MD5 because it is broken. `crypto.subtle.digest` supports SHA-1, SHA-256, SHA-384, and SHA-512 — but not MD5. That is why this tool ships an inline pure-JavaScript implementation of RFC 1321 rather than calling a browser primitive. The code is about 100 lines of bitwise operations over 16-word blocks and produces byte-identical output to `md5sum`, OpenSSL, Python's `hashlib.md5`, and Node's `crypto.createHash("md5")`. No dependency is installed, so there is zero supply-chain exposure for code that runs on every keystroke.

What is the difference between MD5, HMAC-MD5, and SHA-256?

MD5 is a plain hash — it takes bytes in, produces 128 bits of digest out, and has no secret. HMAC-MD5 is a message-authentication code built on top of MD5 (defined in RFC 2104) — it takes a secret key plus a message and produces a tag that only holders of the key can reproduce. Even though MD5 itself is broken for collision resistance, HMAC-MD5 is still considered reasonably secure as a MAC because the key-mixing construction resists the known attacks; it nevertheless shouldn't be used for new designs. SHA-256 is a different algorithm family (SHA-2) that outputs 256 bits, has no practical collision attack, and is the modern default for everything MD5 used to be used for.

Why do different tools give me different MD5 values for the same input?

Almost always a byte-level encoding mismatch. The three common culprits are trailing newlines (`echo 'hello'` writes 6 bytes, `echo -n 'hello'` writes 5), line-ending differences (`\r\n` on Windows vs `\n` on Unix), and text encoding (UTF-8 vs UTF-16 vs Latin-1). MD5 hashes raw bytes, so "café" in UTF-8 (`63 61 66 c3 a9`, 5 bytes) hashes to a different value than "café" in Latin-1 (`63 61 66 e9`, 4 bytes). This tool always encodes text as UTF-8 by default, and the byte counter under the input pane shows you exactly what will be hashed. Flip the Input interpretation toggle to "Hex bytes" if you need to feed raw bytes directly.

Can I "decrypt" or "reverse" an MD5 hash?

No. MD5 is a one-way function — there is no mathematical inverse, and producing the original input from a digest is computationally infeasible for anything longer than a few characters with any entropy. Sites that advertise an "MD5 decrypter" are running a rainbow-table lookup against known precomputed digests of common passwords, English words, and leaked credentials; they succeed only for inputs that already appear in someone's wordlist. The practical way to verify a candidate matches a known MD5 is to re-hash the candidate with this tool and compare digests.

Does this tool send my input anywhere?

No. The MD5 implementation runs entirely in your browser — there is no request, no upload, no server-side logging, and no third-party script in the hashing path. The Share button serializes only your UI settings (input mode, HMAC toggle) into the URL fragment (`#…`), never the input text or HMAC key, because those may be secret. URL fragments are client-only by design and are never transmitted to the server, so shared links keep your settings portable without leaking your content.